diff options
Diffstat (limited to 'sandbox/sebastien/cpp/apr-2/modules/http/proxy-ssl-conf')
| -rwxr-xr-x | sandbox/sebastien/cpp/apr-2/modules/http/proxy-ssl-conf | 72 |
1 files changed, 72 insertions, 0 deletions
diff --git a/sandbox/sebastien/cpp/apr-2/modules/http/proxy-ssl-conf b/sandbox/sebastien/cpp/apr-2/modules/http/proxy-ssl-conf new file mode 100755 index 0000000000..f5e2bfc4a4 --- /dev/null +++ b/sandbox/sebastien/cpp/apr-2/modules/http/proxy-ssl-conf @@ -0,0 +1,72 @@ +#!/bin/sh + +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +# Generate a minimal HTTPD proxy balancer configuration +here=`readlink -f $0`; here=`dirname $here` +mkdir -p $1 +root=`readlink -f $1` + +cat >>$root/conf/vhost-ssl.conf <<EOF +# Generated by: proxy-ssl-conf $* +# Enable HTTPS reverse proxy +ProxyRequests Off +ProxyPreserveHost On +ProxyStatus On +SSLProxyEngine on +SSLProxyCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL + +# Verify server certificates +SSLProxyVerify require +SSLProxyVerifyDepth 1 + +# Enable load balancing +ProxyPass /balancer-manager ! +ProxyPass / balancer://sslcluster/ + +<Proxy balancer://sslcluster> +Require all granted +ProxySet lbmethod=byrequests +</Proxy> + +# Enable balancer manager +<Location /balancer-manager> +SetHandler balancer-manager +HostnameLookups on +Require user admin +</Location> + +EOF + +cat >>$root/conf/svhost-ssl.conf <<EOF +# Generated by: proxy-ssl-conf $* +# Declare proxy SSL client certificates +SSLProxyCACertificateFile "$root/cert/ca.crt" +SSLProxyMachineCertificateFile "$root/cert/proxy.pem" + +EOF + +cat >>$root/conf/dvhost-ssl.conf <<EOF +# Generated by: proxy-ssl-conf $* + +# Declare proxy SSL client certificates +SSLProxyCACertificateFile "$root/cert/ca.crt" +SSLProxyMachineCertificateFile "$root/cert/proxy.pem" + +EOF + |